Mercurial > hg > fapweb
annotate ajax.php @ 8:4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Thu, 06 Dec 2012 13:30:46 +0200 |
| parents | 76c3b89d7b11 |
| children | e36c4d2b09c4 |
| rev | line source |
|---|---|
| 0 | 1 <? |
| 2 require "mconfig.inc.php"; | |
| 3 require "msite.inc.php"; | |
| 4 | |
| 5 // Check if we are allowed to execute | |
|
5
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
6 if (!stCheckHTTPS() || !stAdmSessionAuth()) |
| 0 | 7 { |
| 8 header("Status: 404 Not Found"); | |
| 9 exit; | |
| 10 } | |
| 11 | |
|
8
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
12 stSetupCacheControl(); |
| 0 | 13 |
|
8
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
14 // Initiate SQL database connection |
| 0 | 15 if (!stConnectSQLDB()) |
| 16 die("Could not connect to SQL database."); | |
| 17 | |
|
8
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
18 // Fetch non-"hardcoded" settings from SQL database |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
19 stReloadSettings(); |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
20 |
| 0 | 21 |
| 22 function setStatus($val, $msg) | |
| 23 { | |
| 24 global $statusSet; | |
| 25 if (!$statusSet) | |
| 26 { | |
| 27 header("Status: ".$val." ".$msg); | |
| 28 } | |
| 29 $statusSet = TRUE; | |
| 30 } | |
| 31 | |
| 32 | |
| 33 function execSQLCond($sql, $okmsg) | |
| 34 { | |
| 35 if (($res = stExecSQL($sql)) !== FALSE) | |
| 36 { | |
| 37 if ($okmsg != "") | |
| 38 setStatus(200, $okmsg); | |
| 39 return $res; | |
| 40 } | |
| 41 else | |
| 42 { | |
| 43 setStatus(900, "Error in SQL execution."); | |
| 44 return FALSE; | |
| 45 } | |
| 46 } | |
| 47 | |
| 48 | |
| 49 // XMLHttp responses | |
| 50 $action = "ERROR"; | |
| 51 if (stChkRequestItem("action") && stChkRequestItem("type")) | |
| 52 { | |
| 53 $action = $_REQUEST["action"]; | |
| 54 $type = $_REQUEST["type"]; | |
| 55 } | |
| 56 | |
| 57 | |
| 58 switch ($action) | |
| 59 { | |
| 60 case "dump": | |
| 61 if (($res = execSQLCond( | |
| 62 "SELECT * FROM attendees WHERE email NOT NULL AND email != '' ORDER BY regtime DESC", | |
| 63 "Dump OK.")) !== FALSE) | |
| 64 { | |
| 65 $out1 = array(); | |
| 66 $out2 = array(); | |
| 67 | |
| 68 foreach ($res as $item) | |
| 69 { | |
| 70 $out1[] = $item["name"]." <".$item["email"].">"; | |
| 71 $out2[] = $item["email"]; | |
| 72 } | |
| 73 | |
| 74 echo "<br /><hr />". | |
| 75 implode(", ", $out1)."<br /><hr /><br />". | |
| 76 implode("<br />", $out1)."<br /><hr /><br />". | |
| 77 implode(", ", $out2)."<br /><hr /><br />". | |
| 78 implode("<br />", $out2)."<br /><hr />"; | |
| 79 | |
| 80 } | |
| 81 break; | |
| 82 | |
| 83 case "get": | |
| 84 switch ($type) | |
| 85 { | |
| 86 case "news": | |
| 87 $sql = "SELECT * FROM news ORDER BY utime DESC"; | |
| 88 break; | |
| 89 | |
| 90 case "attendees": | |
| 91 $sql = "SELECT * FROM attendees ORDER BY regtime DESC"; | |
| 92 break; | |
| 93 | |
| 94 case "compos": | |
| 95 $sql = "SELECT * FROM compos ORDER BY id DESC"; | |
| 96 break; | |
|
8
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
97 |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
98 case "settings": |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
99 $sql = "SELECT * FROM settings"; |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
100 break; |
| 0 | 101 |
| 102 case "entries": | |
| 103 stGetCompoList(TRUE); | |
| 104 | |
| 105 foreach ($compos as $id => $compo) | |
| 106 { | |
| 107 echo | |
| 108 "<form>\n". | |
| 109 " <table class=\"misc\">\n". | |
| 110 " <tr>\n". | |
| 111 " <th colspan=\"3\">".chentities($compo["name"])."</th>\n". | |
| 112 " </tr>\n". | |
| 113 " <tr>\n". | |
| 114 " <th>Title</th>\n". | |
| 115 " <th>Author</th>\n". | |
| 116 " <th>Actions</th>\n". | |
| 117 " </tr>\n"; | |
| 118 | |
| 119 $prefix = "en"; | |
| 120 foreach ($compo["entries"] as $eid => $entry) | |
| 121 { | |
| 122 echo | |
| 123 " <tr id=\"entry".$eid."\">\n". | |
| 124 " <td>".stGetFormTextInput(40, 64, "name", $eid, "en", $entry["name"])."</td>\n". | |
| 125 " <td>".stGetFormTextInput(40, 64, "author", $eid, "en", $entry["author"])."</td>\n". | |
| 126 " <td>". | |
| 127 stGetFormButtonInput("update", $eid, $prefix, " Update ", "updateEntry(".$eid.")"). | |
| 128 stGetFormButtonInput("delete", $eid, $prefix, " Delete ", "deleteEntry(".$eid.")"). | |
| 129 "</td>\n". | |
| 130 " </tr>\n"; | |
| 131 } | |
| 132 $prefix = "ne"; | |
| 133 echo | |
| 134 " <tr>\n". | |
| 135 " <td>".stGetFormTextInput(40, 64, "name", $id, "ne", "")."</td>\n". | |
| 136 " <td>".stGetFormTextInput(40, 64, "author", $id, "ne", "")."</td>\n". | |
| 137 " <td>".stGetFormButtonInput("add", $id, $prefix, " Add new ", "addEntry(".$id.")")."</td>\n". | |
| 138 " </tr>\n". | |
| 139 " </table>\n". | |
| 140 "</form>\n"; | |
| 141 } | |
| 142 break; | |
| 143 | |
| 144 case "voters": | |
| 145 $sql = "SELECT * FROM voters ORDER BY id ASC"; | |
| 146 } | |
| 147 | |
| 148 if (isset($sql) && ($res = execSQLCond($sql, "")) !== FALSE) | |
| 149 { | |
| 150 if ($type == "news") | |
| 151 { | |
| 152 foreach ($res as $item) | |
| 153 { | |
| 154 $id = $item["id"]; | |
| 155 stPrintNewsItem($item, | |
| 156 "<br />". | |
| 157 " <button class=\"button\" id=\"ndel".$id. | |
| 158 "\" type=\"button\" onclick=\"deleteNews(".$id. | |
| 159 ")\">Delete</button>\n" | |
| 160 ); | |
| 161 } | |
| 162 } | |
| 163 else | |
| 164 if ($type == "attendees") | |
| 165 { | |
| 166 echo | |
| 167 "<table class=\"attendees\">\n". | |
| 168 " <tr>\n". | |
| 169 " <th>Name</th>\n". | |
| 170 " <th class=\"groups\">Group(s)</th>\n". | |
| 171 " <th class=\"regtime\">Registered</th>\n". | |
| 172 " <th class=\"oneliner\">Oneliner</th>\n". | |
| 173 " <th class=\"email\">E-mail</th>\n". | |
| 174 " <th>Actions</th>\n". | |
| 175 " </tr>\n"; | |
| 176 $row = 0; | |
| 177 foreach ($res as $item) | |
| 178 stPrintAttendee($item, $row++, TRUE); | |
| 179 echo "</table>\n"; | |
| 180 } | |
| 181 else | |
| 182 if ($type == "compos") | |
| 183 { | |
| 184 foreach ($res as $item) | |
| 185 { | |
| 186 $id = $item["id"]; | |
| 187 $prefix = "co"; | |
| 188 echo | |
| 189 "<div id=\"compo".$id."\">\n". | |
| 190 "<h2>#".$id." - ".chentities($item["name"])."</h2>\n". | |
| 191 stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"])."\n". | |
| 192 stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "Enabled")."<br />\n". | |
| 193 stGetFormTextArea(5, 60, "description", $id, $prefix, $item["description"])."\n<br />\n". | |
| 194 stGetFormButtonInput("update", $id, $prefix, " Update ", "updateCompo(".$id.")")."\n". | |
| 195 "</div>\n". | |
| 196 "<hr />\n"; | |
| 197 } | |
| 198 } | |
| 199 else | |
| 200 if ($type == "voters") | |
| 201 { | |
| 202 echo | |
|
5
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
203 "<table class=\"voters\">\n". |
| 0 | 204 " <tr>\n". |
|
5
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
205 " <th class=\"vid\">#</th>\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
206 " <th class=\"vkey\">Vote key</th>\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
207 " <th class=\"vname\">Name</th>\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
208 " <th style=\"vactive\">Active</th>\n". |
| 0 | 209 " </tr>\n"; |
| 210 $row = 0; | |
| 211 foreach ($res as $item) | |
| 212 { | |
| 213 $id = $item["id"]; | |
| 214 $prefix = "vo"; | |
| 215 echo | |
| 216 " <tr>\n". | |
|
5
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
217 " <tr class=\"".($item["enabled"] ? "vactive " : ""). |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
218 ($row % 2 == 1 ? "rodd" : "reven")."\" id=\"voter".$id."\">\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
219 " <td class=\"vid\">".sprintf("%04d", $id)."</td>\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
220 " <td class=\"vkey\">".chentities($item["key"])."</td>\n". |
|
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
221 " <td class=\"vname\">".stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"], |
| 0 | 222 "onBlur=\"updateVoter(".$id.")\" autocomplete=\"off\"")."</td>\n". |
|
5
76c3b89d7b11
Improve voting, clean up the code, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
3
diff
changeset
|
223 " <td class=\"vactive\">".stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "", |
| 0 | 224 "onClick=\"updateVoter(".$id.")\"")."</td>\n". |
| 225 " </tr>\n"; | |
| 226 $row++; | |
| 227 } | |
| 228 echo "</table>\n"; | |
| 229 } | |
|
8
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
230 else |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
231 if ($type == "settings") |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
232 { |
|
4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
Matti Hamalainen <ccr@tnsp.org>
parents:
5
diff
changeset
|
233 } |
| 0 | 234 } |
| 235 break; | |
| 236 | |
| 237 case "delete": | |
| 238 if (stChkRequestItem("id")) | |
| 239 { | |
| 240 $id = intval(stGetRequestItem("id")); | |
| 241 | |
| 242 if ($type == "news") | |
| 243 $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id); | |
| 244 else | |
| 245 if ($type == "attendees") | |
| 246 $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id); | |
| 247 else | |
| 248 if ($type == "entries") | |
| 249 $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id); | |
| 250 | |
| 251 execSQLCond($sql, "OK, ".$type." item ".$id." deleted."); | |
| 252 } | |
| 253 else | |
| 254 setStatus(901, "No ID specified."); | |
| 255 break; | |
| 256 | |
| 257 case "add": | |
| 258 if ($type == "news" && stChkRequestItem("text") && stChkRequestItem("author") && stChkRequestItem("title")) | |
| 259 { | |
| 260 $sql = stPrepareSQL( | |
| 261 "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)", | |
| 262 time(), "title", "text", "author"); | |
| 263 | |
| 264 execSQLCond($sql, "OK, news item added."); | |
| 265 } | |
| 266 else | |
| 267 if ($type == "compo" && stChkRequestItem("name") && stChkRequestItem("description")) | |
| 268 { | |
| 269 $sql = stPrepareSQL( | |
| 270 "INSERT INTO compos (name,description,enabled) VALUES (%S,%Q,0)", | |
| 271 "name", "description", 0); | |
| 272 | |
| 273 execSQLCond($sql, "OK, compo added."); | |
| 274 } | |
| 275 else | |
| 276 if ($type == "entry" && stChkRequestItem("name") && stChkRequestItem("author") && stChkRequestItem("compo_id")) | |
| 277 { | |
| 278 $sql = stPrepareSQL( | |
| 279 "INSERT INTO entries (name,author,compo_id) VALUES (%S,%Q,%D)", | |
| 280 "name", "author", "compo_id"); | |
| 281 | |
| 282 execSQLCond($sql, "OK, entry added."); | |
| 283 } | |
| 284 else | |
| 285 setStatus(902, "No data."); | |
| 286 break; | |
| 287 | |
| 288 case "update": | |
| 289 if ($type == "attendees" && stChkRequestItem("id") && | |
| 290 stChkRequestItem("email") && stChkRequestItem("oneliner")) | |
| 291 { | |
| 292 $sql = stPrepareSQLUpdate("attendees", | |
| 293 "WHERE id=".intval(stGetRequestItem("id")), | |
| 294 array( | |
| 295 "email" => "S", | |
| 296 "oneliner" => "S", | |
| 297 )); | |
| 298 | |
| 299 execSQLCond($sql, "OK, attendee updated."); | |
| 300 } | |
| 301 else | |
| 302 if ($type == "news" && stChkRequestItem("id") && | |
| 303 stChkRequestItem("text") && stChkRequestItem("author") && | |
| 304 stChkRequestItem("title")) | |
| 305 { | |
| 306 $sql = stPrepareSQLUpdate("news", | |
| 307 "WHERE id=".intval(stGetRequestItem("id")), | |
| 308 array( | |
| 309 "title" => "S", | |
| 310 "text" => "Q", | |
| 311 "author" => "S" | |
| 312 )); | |
| 313 | |
| 314 execSQLCond($sql, "OK, news item updated."); | |
| 315 } | |
| 316 else | |
| 317 if ($type == "compo" && stChkRequestItem("id") && | |
| 318 stChkRequestItem("name") && stChkRequestItem("description") && | |
| 319 stChkRequestItem("enabled")) | |
| 320 { | |
| 321 $sql = stPrepareSQLUpdate("compos", | |
| 322 "WHERE id=".intval(stGetRequestItem("id")), | |
| 323 array( | |
| 324 "name" => "S", | |
| 325 "description" => "Q", | |
| 326 "enabled" => "B", | |
| 327 )); | |
| 328 | |
| 329 execSQLCond($sql, "OK, compo updated."); | |
| 330 } | |
| 331 else | |
| 332 if ($type == "voter" && stChkRequestItem("id") && | |
| 333 stChkRequestItem("name") && stChkRequestItem("enabled")) | |
| 334 { | |
| 335 $sql = stPrepareSQLUpdate("voters", | |
| 336 "WHERE id=".intval(stGetRequestItem("id")), | |
| 337 array( | |
| 338 "name" => "S", | |
| 339 "enabled" => "B", | |
| 340 )); | |
| 341 | |
| 342 execSQLCond($sql, "OK, voter updated."); | |
| 343 } | |
| 344 else | |
| 345 if ($type == "entry" && stChkRequestItem("id") && | |
|
3
916623924bd5
More work on the party management and voting system.
Matti Hamalainen <ccr@tnsp.org>
parents:
0
diff
changeset
|
346 stChkRequestItem("name") && stChkRequestItem("author")) |
| 0 | 347 { |
| 348 $sql = stPrepareSQLUpdate("entries", | |
| 349 "WHERE id=".intval(stGetRequestItem("id"). | |
| 350 " AND compo_id=".intval(stGetRequestItem("compo_id"))), | |
| 351 array( | |
| 352 "name" => "S", | |
| 353 "author" => "S", | |
| 354 )); | |
| 355 | |
| 356 execSQLCond($sql, "OK, voter updated."); | |
| 357 } | |
| 358 else | |
| 359 setStatus(902, "No data."); | |
| 360 break; | |
| 361 | |
| 362 default: | |
| 363 setStatus(404, "Not Found"); | |
| 364 break; | |
| 365 } | |
| 366 | |
| 367 ?> |